This paper describes the problems DDS data-centric messaging technology was designed to address, including flexible deployment, performance and scalability, robust architecture, and secure communication. It was written from the perspective of a US Navy user, but the problems and solutions it describes are not specific to that environment.

Raytheon Integrated Defense Systems position presentation for the OMG DDS Security Panel

Security requirements on DDS as perceived by Combat System applications

Presentation for OMG DDS Security Panel

Classical approaches to distributed system security often rely on single-purpose entities to authenticate clients, enforce access and security policy, or at least distribute authentication tokens.  While these models are reasonable for controlling access to a centralized resource (such as a database), they are not suitable for highly-distributed and dynamic systems where fielded nodes with intermittent connectivity require access to real-time data.

Proposed RFP to add standard interoperable mechanisms to communicate data securely using DDS. The proposed standard would add several new capabilities to DDS:

hen DDS is used in complex distributed systems-of-systems, numerous security concerns may arise. These include ensuring availability of the system, resistance of the system to un-trusted network traffic, and confidentiality of sensitive data. As systems are increasingly interconnected, it is crucial that security concerns be considered early in the design process.

Presentation given at the 2007 Real-Time and Embedded Systems Workshop

Security Model and Enforcement for Data Centric Publish/Subscribe Applications with High Information Assurance Requirements, Presentation given by Sebastian Staamann, PrismTech, at the 2007 Real-Time and Embedded Systems Workshop

Integrating DDS Into Secure Net-centric Systems: A Pragmatic Approach Presentation given by Ariel Salomon and Gerardo Pardo, RTI at the 2008 Real-Time and Embedded Systems Workshop